In THE Claims 

Claims pending 

• At time of the Action: Claims 1-34 

• After this Response: Claims 1-5, 7-8, and 10-34 
Canceled or Withdrawn claims: 6 and 9 
Amended claims: 1-5, 7-8 and 10-22; 31 (previously) 
New claims: None 

1. (Currently Amended) A method of file system protection for a 
resource-sparing operating system {QS)-image, comprisin g the stepg of : 

loading a resource-sparing operating system image t he image into random 
access memory (RAM), the unage including a catalog file embedded therein; 
creating a first hash of the image; 

extractmg a second hash of the image firom the catalog file; 
comparing the first hash and the second hash; and 

blocking the use of the image to boot the computing device when if 
the first hash and the second hash do not match, or 

validating the use of the image to boot the computing device if the 
first hash and the second hash match . 

2. (Currently Amended) The method of claim 1, fijrther 
oomprisi& gwherein the comparing includes determining that the first hash and the 
second hash do not match, and w herein the step of fiuther tihe b locking the use of 
the image to boot the computing device wla^if the first hash and the second hash 
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do not match comprises the step of determining an operational mode of the 
computing device is set to a run mode of operation. 

3. (Currently Amended) The method of claim Si, wherein the atep of 
blocking the use of the image to boot the computing device when the JBrst hash 
and tlie second hash do not match is bypassed when the step of determining the 
operational mode of the oomputuig device is set to a t e st mode of operation, the 
method further comprising the step of loading the image into a flash memory of 
the computing device further comprising wherein the comparing includes 
determining that the first hash and the second hash match, and wherein further the 
validating the use of the image to boot the computing device if the furst hash and 
the second hash match further includes vahdatmg a signature certification of the 
image . 

4. (Currently Amended) The method of claim 1, further comprising Sie 
stops of validating evaluating a signature certification of the catalog file to 
determine if the signature certification of the catalog file is valid, an d wherein the 
blockitig the use of the image to boot the computing device if the first hash and the 
second hash do not match further includes - blocking the use of the image to boot 
the computing device =vv4ieHrif the signature certification of the catalog file cannot 
be validated. 

5. (Currently Amended) The method of claim 4, wherein tlie step of 
blocking the use of the image to boot the computing device when the signature 
certification of the catalog file caimot be validated comprises the step of fijrflier 
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comprising detemiining an operational mode of the computing device is set to a 
run mode of operation. 

6. (Canceled) 

7. (Currently Amended) Hie method of claim 1, further comprising iie 
steps of extracting first make and model attributes from the catalog file, comparing 
the first make and model attributes from the catalog file with second make and 
model attributes of the computing device, an d wherein the blocking the use of the 
image to boot the computing device if the first hash and the second hash do not 
match farther includes blocking the use of the image to boot the computing device 
when if_the first make and model attributes do not match the second make and 
model attributes. 

8. (Currently Amended) The method of claim 7, wherein the step of 
blocking tlie use of die image to boot the computing device when the first malce 
and model attributes do not match the second malce and model attributes 
comprises the step of further comprising determining an operational mode of the 
computing device is set to a run mode of operation. 

9. (Canceled) 

10. (Currently Amended) The method of claim 1, further comprising #ie 
step of b ooting the computing device from a prior image already loaded in flash 
memory of the computing device. 
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11. (Currently Amended) A method of file system protection for a 
resource-sparing operating system {QS)-image, the unage including a catalog file 
embedded therein, comprisin g the steps of : 

examining the catalog file and the unage to determine if the image is a 
properly released image; and 

blocking use of the image to boot the computing device when the step of 
examining determines that the image is not a properly released image. 

12. (Currently Amended) The method of claun 11, wherein the step of 

examining is initiated upon a request to update the image, the method further 
including the step of loading an update image into random access memory (RAM). 

13. (Currently Amended) The method of claim 11, wherein the step of 
examining is initiated upon a reset of the device. 

14. (Currently Amended) The method of claun 11, wherein tlie step of 
examining comprises the steps of : 

creating a first hash of tihe image; 

extracting a second hash of the image from the catalog file; and 
comparing the first hash and the second hash, and 

wherein a mismatch provides an indication that the image is not a properly 
released image. 
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15. (Currently Amended) The method of claun 14, furtlier comprising tiae 
step-e#-determining an operational mode of the device , and wherein the step of 
blocking th e use of the image to boot the device is b>7)assed when the operational 
mode is set to test mode . 

16. (Currently Amended) The method of claim 11, wherein the step of 



examining comprises the steps of : 



extracting a signature certification from the catalog file; 
validating the signature certification; and 

wherein failure of the st^ -act of validating the signature certification 
provides an indication that the image is not a properly released image. 

17. (Currently Amended) The method of claim 16, further comprising ^ 
step of determining an operational mode of the device , and wherein the step of 
blocking the use of the image to boot the device is b>^assed when the operational 
mode is set to test mode . 

18. (Currently Amended) The method of claim 11, wherein the step of 
examining comprises the steps of : 

extracting first make and model attributes from the catalog file; 

comparing first make and model attributes from the catalog file to second 
make and model attributes of the device; and 

wherein a mismatch between the first and the second make and model 
attributes provides an indication that the image is not a properly released image for 
the device. 

LEE&HAYES.PLLC Page 7 of 22 attorney docket no. msi-2715us 

RESPaNSETOOrHCEACTIONDATEDSEPTEMBER19,20l)7 SerialNo. 10/727,479 




19. (Currently Amended) The method of claim 18, further comprising #ie 
step-ef-determining an operational mode of the device , and wherein the o tep of 
blocking the use of the image to boot the device io bypaooed when the operational 
mode is set to test mode . 

20. (Currently Amended) The method of claim 11, further comprising fee 

step of loading the image into random access memory (RAM) of the device, and 
wherein the step-ef-examining is processed after the step of loading. 

21. (Currently Amended) The method of claim 11, wherein wh e n the step 
e fif the examining determines that the unage is a properly released image, the 
method fiirther comprisin g the stepo of : 

erasing a previous unage from flash memory of the device; 

programming the flash memory of the device with the properly released 

image. 



22. (Currently Amended) The method of claim 11, wherein the 
examining comprises- the steps of : 

creating a first hash of the image; 

extracting a second hash of the image from the catalog file; 

comparing the first hash and tlie second hash; 

extracting a signature certification firom tlie catalog file; 

validating tlie signature certification; and 

extracting first make and model attributes from the catalog file; 
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comparing first make and model attributes from the catalog file to second 
make and model attributes of the device; and 

wherein any one of a first mismatch between the furst hash and the second 
hash, a failure of the step-act of validating the signature certification, and a second 
mismatch between the first and the second make and model attributes provides an 
indication that the image is not a properly released image for the device. 

23. (Original) A portable computing device, comprising: 

flash memory, the flash memory including a protected area and an 
unprotected area; 

a bootloader stored in the protected area of flash memory, the bootloader 
containing a crypto module; 

an operating system image stored in the unprotected area of flash memory; 
random access memory (RAM); and 

wherein the crypto module of the bootloader is operative to examine an 
image update to determine if the image update should be programmed into tlie 
unprotected area of flash memory to boot the device based on information 
included in a signed catalog file embedded in the image update. 

24. (Original) The device of claim 23, wherein the crypto module 
programs the image update into tlie unprotected area of flash memory when the 
device is in test mode. 
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25. (Original) The device of claim 23, whereia the bootloader stores the 
image update in the RAM until the crypto module determines that the image 
update should be programmed into the unprotected area of flash memory to boot 
the device. 

26. (Original) The device of claim 25, wherein the crypto module 
calculates a first hash of the image update, extracts a second hash from the catalog 

file, and compares the first hash and the second hash, the crypto module blocking 
use of the image update when the first hash and the second hash do not match. 

27. (Original) The device of claim 25, wherein the crypto module extracts 
a signature certification from the catalog file and attempts to validate the signature 
certification, the crypto module blocking use of the image update when tlie 
signature certification cannot be validated. 

28. (Original) The device of claim 25, wherein tlie crypto module extracts 
make and model attributes from the catalog file and compares them to make and 
model information for the device, the crypto module blocking use of the image 
update when the malce and model attributes of the image update do not match the 
make and model attributes of the device. 

29. (Original) The device of claim 25, wherein the bootloader erases a 
current device image from the unprotected area of flash memory and programs the 
image update into the unprotected area of flash memory when tlie crypto modules 
determines that the image update may be used to boot the device. 
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30. (Original) The device of claim 23, wherein a second crypto module of 
a Mira shell is operative upon a reset of the device to examine the installed 

operating system image to determine if the installed operating system image 
should be used to boot the device based on information included in a signed 
catalog file embedded in the installed operating system image. 

31. (Previously Amended) The device of claim 30, wherein the crypto 
module in the Mira shell calculates a first hash of the installed operating system 
image, extracts a second hash from the catalog file, and compares the first hash 
and the second hash, the crypto module in the Mira shell blocking use of the image 
update when the first hash and the second hash do not match. 

32. (Original) The device of claim 30, wherein the crypto module in the 

Mira shell extracts a signature certification from the catalog file and attempts to 
validate tlie signature certification, the crypto module in the Mira shell blocking 
use of the installed operating system image when the signature certification cannot 
be validated. 



33. (Original) The device of claim 30, wherein the crypto module in the 
Mira shell extracts malce and model attributes from the catalog file and compares 
them to make and model mformation for the device, the crypto module in the Mira 
shell blocking use of the installed operating system image when the malce and 
model attributes of the installed operating system rniage do not match the make 
and model attributes of the device. 
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34. (Original) The device of claim 30, wherein the crypto module in the 
Mira shell allows the installed operating system image to be used to boot the 
device when the device is in test mode. 
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